<?php
include_once("sessionmanager.php");
initSession();

// Access gate: the session must be flagged as logged in and must carry a server URL
// that occurs inside the current host + script path. Otherwise the "timeout" error
// page is shown and the request ends here.
// NOTE(review): HTTP_HOST comes from the request's Host header, PHP_SELF can carry
// trailing path info, and the test is a substring match. This is therefore a loose
// consistency check, not a strong binding of the session to this installation.
// Comparing against a canonical URL held in configuration would be stricter.
$sessionIsValid = !empty($_SESSION['s_loggedin'])
	&& isset($_SESSION['s_serverurl'])
	&& strpos($_SERVER['HTTP_HOST'].$_SERVER['PHP_SELF'], $_SESSION['s_serverurl']) !== false;

if (!$sessionIsValid) {
	$error_page_code = "timeout";
	include "errorpage.php";
	exit();
}

// Choose the UI language. Only the two known literals are ever written to the session;
// any other request value (including an array-valued parameter) falls back to "chinese".
// NOTE(review): presumably languages.php selects its strings from $_SESSION['lang'].
// Keep this an allow-list so a request value never reaches an include path. Confirm there.
if (!isset($_SESSION['lang'])) {
	$_SESSION['lang'] = "chinese";
}
if (isset($_GET['language'])) {
	$_SESSION['lang'] = ($_GET['language'] === "english") ? "english" : "chinese";
}
include "languages.php";
include_once "functions.inc.php";
include "attributes.php";
require "config.php";

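// The user id is interpolated unquoted into the SQL statements further down, and the
// value 0 is treated as the admin account. Fail closed when the session does not hold
// a numeric id, instead of letting a missing or malformed value compare equal to 0.
if (!isset($_SESSION['s_userid']) || !is_numeric($_SESSION['s_userid'])) {
	$error_page_code = "timeout";
	include "errorpage.php";
	exit();
}
$userid = (int)$_SESSION['s_userid'];

// Connection parameters come from config.php. Each failure aborts with a PARSER_ERROR*
// message (these constants are not defined in this file).
// NOTE(review): the mysql_* extension was removed in PHP 7. Moving to mysqli or PDO with
// prepared statements would replace the string-built queries on this page.
mysql_connect($dbhost,$dbusername,$dbpassword) or die(PARSER_ERROR3);
mysql_select_db($dbname) or die(PARSER_ERROR2);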


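// Delete one shoutbox entry by id.
// The delete link is rendered only when $_SESSION['s_userman'] is set, so the handler
// enforces the same condition. Hiding the link is not an access control, because any
// logged-in user could otherwise request ?delete=<id> directly.
// NOTE(review): this is still a state-changing GET without an anti-CSRF token. Moving
// it to POST with a per-session token needs matching changes to the delete link and is
// not done here.
// NOTE(review): die(mysql_error()) shows raw database errors to the user. Prefer
// logging the error and showing a generic message.
if (isset($_GET['delete']) && is_numeric($_GET['delete']) && !empty($_SESSION['s_userman'])) {
	$id = (int)$_GET['delete']; // the integer cast makes the value safe to interpolate
	$query = "DELETE FROM $shouttable WHERE id='$id' LIMIT 1";
	mysql_query($query) or die(mysql_error());
}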

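// Store a new shoutbox entry, then prune the oldest entries so that at most $maxshouts
// rows remain. is_string() rejects array-valued "comment" parameters.
if (isset($_POST['comment']) && is_string($_POST['comment']) && trim($_POST['comment']) != "") {
	// Normalise and truncate the raw text BEFORE escaping it. Truncating an already
	// escaped string can cut an escape sequence in half and leave a trailing backslash
	// that neutralises the closing quote in the INSERT below.
	// The original length test was strlen($comment > 255), which measured the length of
	// a boolean and so never enforced the limit.
	// NOTE(review): substr() counts bytes, so a multi-byte character may be split at the
	// 255-byte limit. Switch to a multibyte-aware cut once the storage charset is confirmed.
	$comment = trim(strip_tags(stripslashes($_POST['comment'])));
	if (strlen($comment) > 255) $comment = substr($comment,0,255);

	// Compare against "" rather than using empty(), so a comment of "0" is not dropped.
	if ($comment !== "") {
		// Escape every interpolated value, including the session username.
		$comment_sql = mysql_real_escape_string($comment);
		$username_sql = mysql_real_escape_string($_SESSION['s_username']);
		$query = "INSERT INTO $shouttable (username,shouttext,shoutdate) VALUES ('$username_sql','$comment_sql',NOW())";
		$res = mysql_query($query) or die(mysql_error());

		// Prune: list ids oldest first and delete however many exceed $maxshouts.
		$query = "SELECT id FROM $shouttable ORDER BY shoutdate ASC";
		$res = mysql_query($query) or die(mysql_error());
		$excess = mysql_num_rows($res) - $maxshouts;
		if ($excess > 0) {
			$ids = array();
			while (count($ids) < $excess && ($line = mysql_fetch_object($res))) {
				$ids[] = (int)$line->id; // integer cast keeps the IN list purely numeric
			}
			$query = "DELETE FROM $shouttable WHERE id IN (".implode(",", $ids).")";
			$res = mysql_query($query) or die(mysql_error());
		}
	}
}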


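// Dashboard counters for the logged-in user. Every query returns a single row with the
// column "anzahl". A failed query, or a missing row, yields 0 for that counter.
// The user id is cast to an integer locally because it is interpolated unquoted into
// each statement.
$uid = (int)$userid;
$now = time();
$countQueries = array(
	'systeme'  => "SELECT count(*) as anzahl FROM $dbtablename where userid=$uid and planet=1",
	// entries newer than seven days
	'lastweek' => "SELECT count(*) as anzahl FROM $dbtablename WHERE userid=$uid AND planet=1 and zeit>".($now-86400*7),
	// entries older than thirty days
	'toold'    => "SELECT count(*) as anzahl FROM $dbtablename WHERE userid=$uid AND planet=1 AND zeit<".($now-86400*30),
	'notices'  => "SELECT count(*) as anzahl FROM $noticetable where userid=$uid",
	'players'  => "SELECT count(*) as anzahl FROM $pstablename where userid=$uid",
	'allies'   => "SELECT count(*) as anzahl FROM $astablename where userid=$uid",
	'reports'  => "SELECT count(*) as anzahl FROM $reporttable where userid=$uid",
	'umods'    => "SELECT count(playername) as anzahl FROM $pstablename p WHERE p.userid=$uid AND p.status LIKE '%u%'",
);
if ($userid == 0) { //admin
	$countQueries['reg_user'] = "SELECT count(*) as anzahl FROM $utablename";
}

$counts = array();
foreach ($countQueries as $counter => $query) {
	$res = mysql_query($query);
	$line = $res ? mysql_fetch_object($res) : false;
	$counts[$counter] = $line ? (int)$line->anzahl : 0;
}

// The template below reads these variables by name.
$systeme  = $counts['systeme'];
$lastweek = $counts['lastweek'];
$toold    = $counts['toold'];
$notices  = $counts['notices'];
$players  = $counts['players'];
$allies   = $counts['allies'];
$reports  = $counts['reports'];
$umods    = $counts['umods'];
if ($userid == 0) $reg_user = $counts['reg_user']; // only defined for the admin account


makeheader(INDEX_TITLE);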

?>
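<table cellpadding="1" cellspacing="0" border="0" align="center" width="90%"><tr><td>
<table class="standard" cellpadding="4" cellspacing="0" border="0" width="100%">
<tr class="tblhead"><td colspan="2"><?php echo INDEX_INFO; ?></td></tr>

<tr class="firstcolor"><td><?php echo INDEX_ENTRIES; ?></td><td><?php echo $systeme; ?></td></tr>
<tr class="firstcolor"><td><?php echo INDEX_ENTRIES_LASTWEEK; ?></td><td><?php echo $lastweek; ?></td></tr>
<tr class="firstcolor"><td><?php echo INDEX_ENTRIES_TO_OLD; ?></td><td><?php echo $toold; ?></td></tr>
<?php
/* Full open tags are used here. With short_open_tag disabled, the former "<? ... ?>"
   markers were sent to the browser as text and the admin-only row was rendered for
   every user. Each row is now also closed explicitly. */
if ($userid == 0): ?>
<tr class="firstcolor"><td><?php echo INDEX_REGISTERED_USERS; ?></td><td><?php echo $reg_user; ?></td></tr>
<?php endif; ?>
<tr class="firstcolor"><td><?php echo INDEX_NOTICES; ?></td><td><?php echo $notices; ?></td></tr>
<tr class="firstcolor"><td><?php echo INDEX_PLAYERS; ?></td><td><?php echo $players; ?></td></tr>
<tr class="firstcolor"><td><?php echo INDEX_ALLIES; ?></td><td><?php echo $allies; ?></td></tr>
<tr class="firstcolor"><td><?php echo INDEX_REPORTS; ?></td><td><?php echo $reports; ?></td></tr>
<tr class="firstcolor"><td><?php echo INDEX_UMOD; ?></td><td><?php echo $umods; ?></td></tr>
</table>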

<form action="index.php" method="POST">
<table class="standard" cellpadding="4" cellspacing="0" border="0" width="100%" style="margin-top:50px;">
<tr class="tblhead"><td colspan="2"><?php echo INDEX_SHOUTBOX; ?></td></tr>
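<?php
// Render the shoutbox, newest entry first, followed by the input row.
// Every database value is HTML-encoded at output time. strip_tags() on input is not an
// output encoder, and the stored username is never filtered, so echoing the columns raw
// left a stored-XSS path into every viewer's page.
// NOTE(review): htmlspecialchars() uses PHP's default charset here. Pass the page's
// charset as the third argument once it is confirmed.
// NOTE(review): die(mysql_error()) shows raw database errors to the user. Prefer
// logging the error and showing a generic message.
$query = "SELECT * FROM $shouttable ORDER BY shoutdate DESC";
$res = mysql_query($query) or die(mysql_error());

// ENT_SUBSTITUTE (PHP 5.4+) replaces invalid byte sequences instead of returning an
// empty string. Older PHP versions do not define it.
$esc_flags = defined('ENT_SUBSTITUTE') ? (ENT_QUOTES | ENT_SUBSTITUTE) : ENT_QUOTES;
$is_moderator = !empty($_SESSION['s_userman']);

while ($line = mysql_fetch_object($res)) {
	$shout_id   = (int)$line->id;
	$shout_date = htmlspecialchars(substr($line->shoutdate,5,11), $esc_flags);
	$shout_user = htmlspecialchars($line->username, $esc_flags);
	$shout_text = htmlspecialchars($line->shouttext, $esc_flags);

	if ($is_moderator) {
		// Moderators get a delete link in front of each entry.
		echo '<tr class="firstcolor"><td valign="middle" style="width:150px;"><a href="index.php?delete='.$shout_id.'"><img src="../images/delete.gif" border="0" style="vertical-align: middle;" /></a>['.$shout_date.'] '.$shout_user.':</td><td>'.$shout_text.'</td></tr>'."\n";
	} else {
		if (strcmp($line->username, "admin") == 0) {
			// Entries by "admin" are highlighted in bold white.
			echo '<tr class="firstcolor"><td valign="top" style="width:150px;">['.$shout_date.'] <font color="white"><b>'.$shout_user.':</b></font></td><td><font color="white"><b>'.$shout_text.'</b></font></td></tr>'."\n";
		} else {
			echo '<tr class="firstcolor"><td valign="top" style="width:150px;">['.$shout_date.'] '.$shout_user.':</td><td>'.$shout_text.'</td></tr>'."\n";
		}
	}
	
}
if (mysql_num_rows($res) == 0) {
	echo '<tr class="firstcolor"><td colspan="2">'.INDEX_NOENTRY.'</td></tr>';
}
// NOTE(review): the enclosing form posts to index.php without an anti-CSRF token.
echo '<tr class="firstcolor"><td colspan="2">'.INDEX_COMMENT.': 
	  <input type="text" class="textfield" maxlength="255" style="width:350px;" name="comment" value="" />
	  <input type="submit" class="button" name="'.urlencode(INDEX_INSERT).'" value="'.INDEX_INSERT.'" />
	  </td></tr>';
	
?>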
</table>
</form>
<table class="standard" cellpadding="4" cellspacing="0" border="0" width="100%" style="margin-top:50px;">
<tr class="tblhead"><td align="left">Contact me: </td><td align="right"><?php echo $email_from; ?></td></tr>
</table>
</td></tr>
</table>


<?php
makefooter();
?>
